Phishing

Phishing is a type of spam where the spammer's objective is to trick you into typing your login name and password into a website that the spammer controls. For example, an email purporting to be from your bank might say that your account has been disabled and ask you to follow a link and enter your username and password to re-enable it. There have also been phishing attempts which specifically targeted Cambridge users.

If you get such an email and are unsure whether it is genuine, don't follow the link in the email. Go to the organisation's website via your bookmarks or Google and log in there. If the email was genuine, the same message will be waiting for you on the website.

Some phishes will ask you to call a phone number instead - again, don't call the phone number in the email, look on the organisation's website, and if necessary, call the number you find there.

Occasionally a phish will ask you to reply to the message with confidential information such as your user ID and password or your credit card or bank details. Just as your bank will never ask for your PIN, University Computer Officers will never ask for your password (we may, however, need to ask for your username).

Some giveaways that an email is phishing (not all phishes will have all these problems):

Poor English, run-on sentences, eccentric capitalisation
English is often not a spammer's first language. However, some phishes contain chunks of text copied from genuine emails from the business they are impersonating.
Comes from an email address unrelated to the organisation which it claims to be from
A genuine email from Amazon will come from a clearly "Amazon" email address such as something@amazon.co.uk or something@amazon.com. Sadly the reverse does not apply: the sender address is easy to forge, so a plausible "From" address is not proof that an email is genuine.
Asks you to follow a link which doesn't go to the organisation's website
Phishers get your account details by tricking you into typing them into a website which they control. Be careful here, as phishers use various strategies to make their links look genuine: misspelled URLs such as www.paypai.com for www.paypal.com, and misleading URLs such as www.natwest.phishersdomain.com (where phishersdomain.com would be replaced by a less blatant name of a domain belonging to the phisher). The text of a link can also differ from where it actually goes, so hover over it and look at the real address before deciding. This is why it is best to go directly to the organisation's website rather than following links in suspicious emails.
Tries to induce a sense of urgency
Phishing emails often say things like "please reactivate your account within 48 hours to prevent it being deleted". This is designed to panic you into acting before thinking.
Written in an impersonal style, addresses you as "Dear Customer" or "Dear Student" rather than by name
This is not an infallible guide, as sophisticated phishing software may be able to fill in the recipient's name, and sometimes a company will send out a genuine mass email in a similar impersonal style (however, this is less likely to request any action).
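The two giveaways above that can be checked mechanically, the sender's domain and where each link really goes, are illustrated by the following Python script. It is an added example written for this page, not a tool from the department or from any organisation named here. The email it inspects is constructed for the example, the small table of two-part public suffixes stands in for the full Public Suffix List (an assumption), and the edit-distance threshold of 2 is a heuristic chosen for illustration, so treat its verdicts as hints for a human, not as a verdict on their own.

```python
import re
from urllib.parse import urlparse

# Constructed sample message (not a real phish) impersonating PayPal.
# It shows the patterns discussed above: a look-alike sender domain,
# a misspelled link (paypai) and a brand name hidden in a subdomain.
SAMPLE_EMAIL = """From: PayPal Service <security@mail-paypai.com>
Subject: Your account has been limited
Content-Type: text/html

<html><body>
<p>Dear Customer, please <a href="http://www.paypai.com/login">click here</a>
within 48 hours, or <a href="https://www.paypal.com.phishersdomain.com/verify">verify here</a>.
Help: <a href="https://www.paypal.com/uk/help">PayPal help</a></p>
</body></html>
"""

# Assumption: a tiny stand-in for the Public Suffix List, enough for these
# examples. A real tool should use the full list (e.g. the publicsuffix2 package).
MULTI_LABEL_SUFFIXES = {"co.uk", "ac.uk", "org.uk", "com.au"}


def registrable_domain(host: str) -> str:
    """Return the part of the hostname that someone actually registered,
    e.g. 'natwest.co.uk' for 'secure.natwest.co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to spot typosquats such as paypai vs paypal."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host: str, expected_host: str) -> str:
    """Return 'ok' if host belongs to the expected organisation, otherwise
    a short reason why it looks like an impersonation."""
    exp_reg = registrable_domain(expected_host)
    brand = exp_reg.split(".")[0]              # 'paypal', 'natwest', ...
    host = host.lower().rstrip(".")
    if host == exp_reg or host.endswith("." + exp_reg):
        return "ok"                            # genuine domain or a subdomain of it
    if brand in host.split("."):
        return "misleading-subdomain"          # www.natwest.phishersdomain.com
    sld = registrable_domain(host).split(".")[0]
    for piece in sld.split("-"):               # 'mail-paypai' -> 'mail', 'paypai'
        if piece == brand:
            return "brand-in-name"             # paypal-secure.com
        if len(piece) >= 4 and levenshtein(piece, brand) <= 2:   # heuristic threshold
            return "lookalike"                 # paypai.com
    return "unrelated"


def from_domain(raw: str) -> str:
    """Domain of the address in the From: header. The display name is ignored,
    because 'PayPal Service' can be anything the sender likes."""
    match = re.search(r"^From:.*?<([^>]+)>", raw, re.MULTILINE)
    if match is None:
        match = re.search(r"^From:\s*(\S+)", raw, re.MULTILINE)
    return match.group(1).rsplit("@", 1)[1].lower()


def analyse(raw: str, expected_host: str) -> list:
    """Check the sender domain and every href against the expected site.
    Returns (source, host, verdict) triples in the order found."""
    sender = from_domain(raw)
    results = [("from", sender, classify(sender, expected_host))]
    for url in re.findall(r'href="([^"]+)"', raw):
        host = urlparse(url).hostname or ""
        results.append(("link", host, classify(host, expected_host)))
    return results


if __name__ == "__main__":
    for source, host, verdict in analyse(SAMPLE_EMAIL, "www.paypal.com"):
        print(f"{source:4} {host:40} {verdict}")
```

Running it flags the sender domain mail-paypai.com and the link to www.paypai.com as look-alikes, the link to www.paypal.com.phishersdomain.com as a brand name buried in someone else's domain, and leaves the genuine www.paypal.com link alone. Note that the "ok" verdict on a sender domain only means the address is plausible: the From header is trivially forged, which is why mail servers rely on SPF, DKIM and DMARC rather than on the address alone.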
 

Spear Phishing

This is a form of phishing where the phisher appears to be someone you know, or to be someone who knows you. Spear phishes often appear to come from the Head of Department (HoD) or the Principal Investigator for a group. The HoD/PI appears to be stuck in a meeting (entirely credible!) and needs you to buy some sort of gift voucher as a birthday present for their son/daughter/nephew/niece. And of course, it's urgent. And altruism aside, who doesn't want to impress their boss? As with the bank example above, check with the person by phone or in person, using contact details you already have rather than any in the email, before buying anything. These can appear credible, so please forward any such message to help@maths if you feel it may be genuine or that others may be fooled.

Useful Links